The General Data Protection Regulation (GDPR) effected all organisations in the UK leading up to May 2018.
We were appointed by a variety of independent restaurants to perform full GDPR audits on their business.
The hospitality industry has always collected customer data via booking details and comment cards completed by diners. This personal data fell under the new data regulation in May 2018.
To ensure all personal data collected and used in the business was mapped, stored correctly and used in a manner acceptable to the governing bodies.
Cream Holdings Ltd
- Data Roadmap
- Data Breech Policy
- Legitimate Interest Assesment
- Data Cleansing Policy
- Staff Training
First step is to create a data roadmap. An investigation into the journey that personal data takes through an organisation and how employees interact with it.
Confusion still exists around GDPR best practice. Running a full GDPR audit gives a facinating insight into how many places personal data is collected and stored. The aim of the audit is to leave an organsiation with the confidence a structure is in place and all the bases are covered.
The GDPR should be looked at in a positive light and used to help streamline business practice.
“The most important part of good GDPR practice is understanding where, how and why data is collected and stored with a data roadmap.”